Signal partners with Microsoft to bring end-to-end encryption to Skype

unnamed

In collaboration with Signal, Microsoft is introducing a Private Conversations feature in Skype, powered by Signal Protocol. Facebook Messenger, WhatsApp, and Google Allo already use this technology. The protocol combines the Double Ratchet Algorithm, prekeys, and a triple Diffie–Hellman (3-DH) handshake, and uses Curve25519AES-256 and HMAC-SHA256 as primitives.

More…

Advertisements

WPA3 to be Released in 2018

wireless-security-300x271

LAS VEGAS, Jan. 08, 2018 (GLOBE NEWSWIRE) — Wi-Fi Alliance® introduces enhancements and new features for Wi-Fi Protected Access®, the essential family of Wi-Fi CERTIFIED™ security technologies for more than a decade. Wi-Fi Alliance is launching configuration, authentication, and encryption enhancements across its portfolio to ensure Wi-Fi CERTIFIED devices continue to implement state of the art security protections.

More…

PSA: KB4056892 Released to Address Intel Processor Security Issue

Linking the whole thing here so you don’t have to search for it (Link to the official release here if needed). Pay particular attention to what I put in bold:

January 3, 2018—KB4056892 (OS Build 16299.192)

Applies to: Windows 10 version 1709

Improvements and fixes


This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include:

  • Addresses issue where event logs stop receiving events when a maximum file size policy is applied to the channel.
  • Addresses issue where printing an Office Online document in Microsoft Edge fails.
  • Addresses issue where the touch keyboard doesn’t support the standard layout for 109 keyboards.
  • Addresses video playback issues in applications such as Microsoft Edge that affect some devices when playing back video on a monitor and a secondary, duplicated display.
  • Addresses issue where Microsoft Edge stops responding for up to 3 seconds while displaying content from a software rendering path.
  • Addresses issue where only 4 TB of memory is shown as available in Task Manager in Windows Server version 1709 when more memory is actually installed, configured, and available.
  • Security updates to Windows SMB Server, the Windows Subsystem for Linux, Windows Kernel, Windows Datacenter Networking, Windows Graphics, Microsoft Edge, Internet Explorer, and the Microsoft Scripting Engine.

If you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.

For more information about the resolved security vulnerabilities, see the Security Update Guide.

Known issues in this update


Symptom Workaround
Update installation may stop at 99% and may show elevated CPU or disk utilization if a device was reset using the Reset this PC functionality after installing KB4054022. Note This workaround uses c:\temp and the x64 architecture as examples. Update these examples as appropriate for your environment.

  1. Download the appropriate version of KB4054022 for your device architecture from the Microsoft Update Catalog to c:\temp. Then run the commands in the steps below from the administrative command prompt.
  2. Expand the .msu file that you downloaded in step 1.mkdir c:\temp
    expand -f:* windows10.0-kb4054022-x64.msu c:\temp
  3. End the existing TrustedInstaller processes and install KB4054022 using the Deployment Image Servicing and Management tool.taskkill /f /im tiworker.exe
    taskkill /f /im trustedinstaller.exe
    dism /online /add-package /packagepath:c:\temp\Windows10.0-KB4054022-x64.cab
  4. (Optional) Delete the CBS logs from the Windows Logs directory.

del /f %windir%\logs\cbs\*.log

Microsoft is working on a resolution and will provide an update in an upcoming release.

Windows Update History reports that KB4054517 failed to install because of Error 0x80070643. Even though the update was successfully installed, Windows Update incorrectly reports that the update failed to install. To verify the installation, select Check for Updates to confirm that there are no additional updates available.

You can also type About your PC in the Search box on your taskbar to confirm that your device is using OS Build 16299.125.

Microsoft is working on a resolution and will provide an update in an upcoming release.

When calling CoInitializeSecurity, the call will fail if passing RPC_C_IMP_LEVEL_NONE under certain conditions. Microsoft is working on a resolution and will provide an update in an upcoming release.
Due to an issue with some versions of Anti-Virus software, this fix is only being made applicable to the machines where the Anti virus ISV has updated the ALLOW REGKEY. Contact your Anti-Virus AV to confirm that their software is compatible and have set the following  REGKEY on the machine
Key=”HKEY_LOCAL_MACHINE”Subkey=”SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat”
Value Name=”cadca5fe-87d3-4b96-b7fb-a231484277cc”
Type=”REG_DWORD”
Data=”0x00000000”

 

How to get this update


This update will be downloaded and installed automatically from Windows Update. To get the standalone package for this update, go to the Microsoft Update Catalog website.

Note: On the catalog website you will also see the update for Server 2016.

Kernel-memory-leaking Intel processor design flaw forces Linux, Windows redesign

2000px-Intel-logo.svg

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel’s virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products.

More…

Win10 Fall Creators Update: “The User Name or Password is Incorrect” Error Message After Restart

Credit: Vishal Gupta @ this link.

If you recently upgraded to a new Windows 10 version such as the Fall Creators Update, you might be facing a very annoying problem. If you restart your machine, after boot screen an error message is shown: “The user name or password is incorrect. Try again.“. The strange thing is that the error message is shown before Login Screen (also known as Sign-in Screen or Welcome Screen). So even if you didn’t enter any username or password, you get this error message first. Once you click on OK button, you get the Login Screen to enter correct user name and password and then Windows allows you to sign-in successfully.

The_User_Name_Password_Incorrect_Windows_10_Login_Screen.png

It happens due to a new feature added to Windows 10 newer versions which is called “Improved Boot Up Experience”. Microsoft has implemented a new functionality in Windows 10 newer versions which allows Windows to use your sign-in info to apply settings after a restart or update. This feature automatically finishes setting your Windows 10 device after an update is installed and your machine is restarted.

Here is the official explanation of this new feature according to Microsoft:

The advanced Windows Update feature to use your sign-in info to automatically finish setting your device after an update has been extended to regular reboots and shutdowns. When you log in and initiate a reboot or a shutdown through power options available on the Start Menu and various other locations, Windows will automatically setup your account after it has booted back up.

This will help you sign-in faster and will restore your accessibility applications and any other application that has registered for application restart.

This feature was added first to Windows 10 build 16251.

Microsoft has provided an option to enable/disable this feature. You just need to use following steps:

1. Open Settings app from Start Menu. Alternatively, you can press WIN+I keys together to open Settings directly.

2. Now click on Accounts icon in Settings app and then click on Sign-in Options tab present in left-side pane.

3. Scroll down to bottom and you’ll see “Use my sign-in info to automatically finish setting up my device after an update or restart” option. This option would be set to ON.

Disable_Use_My_Sign_in_Info_After_Restart_Option_Windows_10_Settings.png

Click on the toggle button and set this option to OFF.

That’s it. Now restart your computer and you’ll never see the irritating error message about incorrect username or password unless of course you manually enter a wrong password.